Table of Contents

How to use OTP for logging in and pushing code


One time passwords, or OTP, is a password that is generated on some period (at srchub it's every 30 seconds). With OTP the accepted scheme is that it's something you know (a regular password) with something you have (a OTP generator).

Google has been using it for years with their google accounts.


To activate simply login to your account, edit your profile and there should be a field called "Add OTP Key". If you don't already have a premade key - click on generate that will create a random one for you.

After you click on generate you should see a QR code that you can scan with Google Authenticator - or any other OTP generator such as this one.

Be sure to save your profile after you generate the key!


If you have a OTP key - you will be required to enter your OTP on every push with Subversion and Mercurial. Also if you plan on browsing the raw repos and if you have a private repo you will be required to re-enter your credentials every 30 seconds.

Your password is in the form:

{OTP}{old login password}



Supported Services

OTP key only works with Subversion and Mercurial.

OTP key does not work with git because it uses SSH/SSH keys to push code. The public key infrastructure that SSH uses is considered safe enough simply because it would in theory take years to go through all permutations of a possibly key. I can't think of any sane way to integrate OTP with SSH keys.

Created: 9 years 5 months ago
by Natalie Adams

Updated: 8 years 10 months ago
by Natalie Adams


Old Revisions

Page rendered in 0.02463s using 25 queries.